IN THE CLAIMS: 

1. (Currently Amended) A certification authority for generating certificates in response to 
respective certification requests, the certification authority comprising: 

A. a computer that is bootable from a removable medium; and 

B. a removable medium comprising a machine readable medium having 
encoded thereon: 

i. an operating system module configured to enable the computer to 
boot from the removable medium; and 

ii. a certificate generation module configured to, after the computer has 
been booted, control the computer to facilitate the generation of at least one 
certificate in response to an associated certification c e rtificate requestj-the 
c e rtification authority modul e b e ing configur e d to provid e that th e comput e r 
not b e r e mot e ly controll e d during a c e rtificate g e n e ration s es sion , 

2. (Currently Amended) A certification authority as defined in claim 1 in which said 
certification authority operates under control of an operator, the certificate generation 
module enabling the computer to display certification c e rtificat e request information 
associated with the certification c e rtificat e request to the operator and receive operator input 
information from an operator, the certificate generation module enabling the computer to 
use the input information from the operator in generating the at least one certificate. 

3. (Currently Amended) A certification authority as defined in claim 2 in which the operator 
input information includes operator authentication information, the certificate c e rtification 
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3 generation module including an authentication module configured to enable the computer to 

4 receive the operator authentication information and verify that the operator is authorized to 

5 control the certification authority. 



1 4. (Original) A certification authority as defined in claim 3 in which the certificate includes 

2 an digital signature comprising a signature that is generated using private encryption key, 

3 the certificate generation module including 

4 A. an encrypted private key; 

5 B. a decryption module configured to enable the computer to use the operator 

6 authentication information to decrypt the encrypted private key thereby to obtain a 

7 private key; and 

8 C. a digital signature module configured to enable the computer to generate a 

9 digital signature from information in the at least one certificate using the private key. 

1 5. (Currently Amended) A certification authority as defined in claim 2 in which the 

2 c e rtificat e g e neration modul e furth e r e nabl e s th e op e rator to r e c e iv e op e rator input 

3 information r e lating to information in the certificat e r e qu e st, the certificate generation 

4 module further includes including : 

5 A. a certification request information display module configured to enable the 

6 computer to display certification request information to the operator; and 
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7 B. a certification request edit module configured to enable the computer to 

8 receive eert certification request modification information from the operator and 

9 update information in the certification c e rtificat e request in response thereto. 

1 6. (Currently Amended) A certification authority as defined in claim 2 in which the 

2 certificate generation module further includes a certification request approval module 

3 configured to enable the computer to receive operator input information comprising a 

4 certification c e rtificat e request approval and generate the certificate r e qu e st in response 

5 thereto. 

1 7. (Currently Amended) A certification authority as defined in claim 1 in which information 

2 in a c e rtification r e qu e st is in a pr e d e termin e d format, the certificate generation module 

3 further includes including a certification request verification module configured to enable 

4 said computer to determine whether the information in the at least one certification request 

5 is in the a predetermined format. 

1 8. (Original) A certification authority as defined in claim 1 in which the computer is 

2 connected to retrieve certification requests from a remote storage location, the certificate 

3 generation module further including a communication control module configured to enable 

4 the computer to retrieve certification requests from the remote storage location. 
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1 9. (Currently Amended) A computer program product for use in connection with a computer 

2 to form a certification authority for generating certificates in response to respective 

3 certification requests, the computer being bootable from a removable medium, the computer 

4 program product comprising a removable medium in the form of a machine readable 

5 medium having encoded thereon: 

6 A. an operating system module configured to enable the computer to boot from 

7 the removable medium; and 

8 B. a certificate generation module configured to, after the computer has been 

9 booted, control the computer to facilitate the generation of at least one certificate in 

10 response to an associated certification c e rtificat e request , th e c e rtification authority 
n modul e b e ing configur e d to provid e that th e comput e r not b e r e mot e ly controll e d 

12 during a c e rtificat e g e n e ration session , 

1 10. (Original) A computer program product as defined in claim 9 in which said certification 

2 authority operates under control of an operator, the certificate generation module enabling 

3 the computer to display certification request information associated with the certification 

4 request to the operator and receive operator input information from an operator, the 

5 certificate generation module enabling the computer to use the input information from the 

6 operator in generating the at least one certificate. 

1 11. (Original) A computer program product as defined in claim 10 in which the operator 

2 input information includes operator authentication information, the certificate generation 

5 
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3 module including an authentication module configured to enable the computer to receive the 

4 operator authentication information and verify that the operator is authorized to control the 

5 certification authority. 

1 12. (Original) A computer program product as defined in claim 1 1 in which the certificate 

2 includes a signature comprising a signature that is encrypted using a private encryption key, 

3 the certificate generation module including 

4 A. an encrypted private key; 

5 B. a decryption module configured to enable the computer to use the operator 

6 authentication information to decrypt the encrypted private key thereby to obtain a 

7 private key; and 

8 C. a digital signature module configured to enable the computer to generate a 

9 digital signature from information in the at least one certificate and encrypt the 

10 digital signature using the private key. 

1 13. (Original) A computer program product as defined in claim 10 in which the certificate 

2 generation module further enables the operator to receive operator input information 

3 relating to information in the certification request, the certificate generation module further 

4 including: 

5 A. a certification request information display module configured to enable the 

6 computer to display certification information to the operator; and 
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7 B. a certification request edit module configured to enable the computer to 

8 receive certification request modification information from the operator and update 

9 information in the certification request in response thereto. 

1 14. (Currently Amended) A computer program product as defined in claim 10 in which the 

2 certificate generation module further includes a certification request approval module 

3 configured to enable the computer to receive operator input information comprising a 

4 certification request approval and generate the certificate in response thereto. 

1 15. (Currently Amended) A computer program product as defined in claim 9 in which 

2 information in a c e rtification r e qu e st is in a pr e d e t e rmin e d format, the certificate generation 

3 module further includes including a certification request verification module configured to 

4 enable said computer to determine whether the information in the at least one certification 

5 request is in the a predetermined format. 

1 16. (Original) A computer program product as defined in claim 9 in which the computer is 

2 connected to retrieve certification requests from a remote storage location, the certificate 

3 generation module further including a communication control module configured to enable 

4 the computer to retrieve certification requests from the remote storage location. 
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